Force HA failover for testing and demonstrations

This command should only be used for testing, troubleshooting, maintenance, and demonstrations.

Do not use it in a live production environment outside of an active maintenance window.

HA failover can be forced on an HA primary device. The device will stay in a failover state regardless of the conditions. The only way to remove the failover status is by manually turning it off.

Syntax

execute ha failover set <cluster_id>

execute ha failover unset <cluster_id>

Variable	Description
<cluster_id>	The cluster ID is `1` for any cluster that is not in virtual cluster mode, and can be `1` or `2` if virtual cluster mode is enabled.

Example

To manually force an HA failover:

# execute ha failover set 1
Caution: This command will trigger an HA failover.
It is intended for testing purposes.
Do you want to continue? (y/n)y

To view the failover status:

# execute ha failover status
failover status: set

To view the system status of a device in forced HA failover:

# get system ha status
HA Health Status: OK
Model: FortiGate-300D
Mode: HA A-P
Group: 240
Debug: 0
Cluster Uptime: 0 days 2:11:46
Cluster state change time: 2020-03-12 17:38:04
Primary selected using:
    <2020/03/12 17:38:04> FGT3HD3914800153 is selected as the primary because it has EXE_FAIL_OVER flag set.
    <2020/03/12 15:27:26> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority.
ses_pickup: disable
override: enable
Configuration Status:
    FGT3HD3914800069(updated 4 seconds ago): in-sync
    FGT3HD3914800153(updated 3 seconds ago): in-sync
System Usage stats:
    FGT3HD3914800069(updated 4 seconds ago):
        sessions=5, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30%
    FGT3HD3914800153(updated 3 seconds ago):
        sessions=41, average-cpu-user/nice/system/idle=0%/0%/0%/99%, memory=30%
HBDEV stats:
    FGT3HD3914800069(updated 4 seconds ago):
        port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=15914162/42929/0/0, tx=15681840/39505/0/0
        port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=17670346/52854/0/0, tx=20198409/54692/0/0
    FGT3HD3914800153(updated 3 seconds ago):
        port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=16636700/45544/0/0, tx=15529791/39512/0/0
        port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=20199928/54699/0/0, tx=17672146/52862/0/0
Secondary: FortiGate-300D  , FGT3HD3914800069, HA cluster index = 1
Primary: FortiGate-300D  , FGT3HD3914800153, HA cluster index = 0
number of vcluster: 1
vcluster 1: standby 169.254.0.1
Secondary: FGT3HD3914800069, HA operating index = 1
Primary: FGT3HD3914800153, HA operating index = 0

To stop the failover status:

# execute ha failover unset 1
Caution: This command may trigger an HA failover.
It is intended for testing purposes.
Do you want to continue? (y/n)y

To view the system status of a device after forced HA failover is disabled:

# get system ha status
HA Health Status: OK
Model: FortiGate-300D
Mode: HA A-P
Group: 240
Debug: 0
Cluster Uptime: 0 days 2:14:55
Cluster state change time: 2020-03-12 17:42:17
Primary selected using:
    <2020/03/12 17:42:17> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority.
    <2020/03/12 17:38:04> FGT3HD3914800153 is selected as the primary because it has EXE_FAIL_OVER flag set.
    <2020/03/12 15:27:26> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority.
ses_pickup: disable
override: enable
Configuration Status:
    FGT3HD3914800069(updated 3 seconds ago): in-sync
    FGT3HD3914800153(updated 2 seconds ago): in-sync
System Usage stats:
    FGT3HD3914800069(updated 3 seconds ago):
        sessions=0, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30%
    FGT3HD3914800153(updated 2 seconds ago):
        sessions=38, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30%
HBDEV stats:
    FGT3HD3914800069(updated 3 seconds ago):
        port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=16302442/43964/0/0, tx=16053848/40454/0/0
        port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=18161941/54088/0/0, tx=20615650/55877/0/0
    FGT3HD3914800153(updated 2 seconds ago):
        port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=17033009/46641/0/0, tx=15907891/40462/0/0
        port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=20617180/55881/0/0, tx=18163135/54091/0/0
Primary: FortiGate-300D  , FGT3HD3914800069, HA cluster index = 1
Secondary: FortiGate-300D  , FGT3HD3914800153, HA cluster index = 0
number of vcluster: 1
vcluster 1: work 169.254.0.2
Primary: FGT3HD3914800069, HA operating index = 0
Secondary: FGT3HD3914800153, HA operating index = 1

Force HA failover for testing and demonstrations

This command should only be used for testing, troubleshooting, maintenance, and demonstrations.

Do not use it in a live production environment outside of an active maintenance window.

HA failover can be forced on an HA primary device. The device will stay in a failover state regardless of the conditions. The only way to remove the failover status is by manually turning it off.

Syntax

execute ha failover set <cluster_id>

execute ha failover unset <cluster_id>

Variable

Description

<cluster_id>

The cluster ID is 1 for any cluster that is not in virtual cluster mode, and can be 1 or 2 if virtual cluster mode is enabled.

Example

To manually force an HA failover:

# execute ha failover set 1 Caution: This command will trigger an HA failover. It is intended for testing purposes. Do you want to continue? (y/n)y

To view the failover status:

# execute ha failover status failover status: set

To view the system status of a device in forced HA failover:

# get system ha status HA Health Status: OK Model: FortiGate-300D Mode: HA A-P Group: 240 Debug: 0 Cluster Uptime: 0 days 2:11:46 Cluster state change time: 2020-03-12 17:38:04 Primary selected using: <2020/03/12 17:38:04> FGT3HD3914800153 is selected as the primary because it has EXE_FAIL_OVER flag set. <2020/03/12 15:27:26> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority. ses_pickup: disable override: enable Configuration Status: FGT3HD3914800069(updated 4 seconds ago): in-sync FGT3HD3914800153(updated 3 seconds ago): in-sync System Usage stats: FGT3HD3914800069(updated 4 seconds ago): sessions=5, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30% FGT3HD3914800153(updated 3 seconds ago): sessions=41, average-cpu-user/nice/system/idle=0%/0%/0%/99%, memory=30% HBDEV stats: FGT3HD3914800069(updated 4 seconds ago): port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=15914162/42929/0/0, tx=15681840/39505/0/0 port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=17670346/52854/0/0, tx=20198409/54692/0/0 FGT3HD3914800153(updated 3 seconds ago): port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=16636700/45544/0/0, tx=15529791/39512/0/0 port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=20199928/54699/0/0, tx=17672146/52862/0/0 Secondary: FortiGate-300D , FGT3HD3914800069, HA cluster index = 1 Primary: FortiGate-300D , FGT3HD3914800153, HA cluster index = 0 number of vcluster: 1 vcluster 1: standby 169.254.0.1 Secondary: FGT3HD3914800069, HA operating index = 1 Primary: FGT3HD3914800153, HA operating index = 0

To stop the failover status:

# execute ha failover unset 1 Caution: This command may trigger an HA failover. It is intended for testing purposes. Do you want to continue? (y/n)y

To view the system status of a device after forced HA failover is disabled:

# get system ha status HA Health Status: OK Model: FortiGate-300D Mode: HA A-P Group: 240 Debug: 0 Cluster Uptime: 0 days 2:14:55 Cluster state change time: 2020-03-12 17:42:17 Primary selected using: <2020/03/12 17:42:17> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority. <2020/03/12 17:38:04> FGT3HD3914800153 is selected as the primary because it has EXE_FAIL_OVER flag set. <2020/03/12 15:27:26> FGT3HD3914800069 is selected as the primary because it has the largest value of override priority. ses_pickup: disable override: enable Configuration Status: FGT3HD3914800069(updated 3 seconds ago): in-sync FGT3HD3914800153(updated 2 seconds ago): in-sync System Usage stats: FGT3HD3914800069(updated 3 seconds ago): sessions=0, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30% FGT3HD3914800153(updated 2 seconds ago): sessions=38, average-cpu-user/nice/system/idle=0%/0%/0%/100%, memory=30% HBDEV stats: FGT3HD3914800069(updated 3 seconds ago): port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=16302442/43964/0/0, tx=16053848/40454/0/0 port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=18161941/54088/0/0, tx=20615650/55877/0/0 FGT3HD3914800153(updated 2 seconds ago): port3: physical/1000auto, up, rx-bytes/packets/dropped/errors=17033009/46641/0/0, tx=15907891/40462/0/0 port5: physical/1000auto, up, rx-bytes/packets/dropped/errors=20617180/55881/0/0, tx=18163135/54091/0/0 Primary: FortiGate-300D , FGT3HD3914800069, HA cluster index = 1 Secondary: FortiGate-300D , FGT3HD3914800153, HA cluster index = 0 number of vcluster: 1 vcluster 1: work 169.254.0.2 Primary: FGT3HD3914800069, HA operating index = 0 Secondary: FGT3HD3914800153, HA operating index = 1

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Table of Contents

Administration Guide

Force HA failover for testing and demonstrations

Syntax

Example

To manually force an HA failover:

To view the failover status:

To view the system status of a device in forced HA failover:

To stop the failover status:

To view the system status of a device after forced HA failover is disabled:

Force HA failover for testing and demonstrations

Syntax

Example

To manually force an HA failover:

To view the failover status:

To view the system status of a device in forced HA failover:

To stop the failover status:

To view the system status of a device after forced HA failover is disabled: